Bishop Fox Hybrid Application Assessment Methodology

Overview of Bishop Fox’s methodology for hybrid application penetration testing.

Learn how Bishop Fox conducts a Hybrid Application Assessment.

Bishop Fox’s hybrid application assessment combines the real-world attack techniques of application penetration testing with a targeted source-code review to more thoroughly identify security vulnerabilities in the application.

The assessment team begins by running automated scans of the deployed application and its source code. The team then takes a deeper dive, analyzing the scan results and manually reviewing potential security vulnerabilities. Next, the team assesses the application’s architecture and business logic to locate any design-level issues. Finally, the team validates the findings by manually exploiting the vulnerabilities and reviewing relevant design issues.

This methodology document provides an overview of the following phases of the assessment process:

  • Pre-assessment
  • Discovery, Testing, and Code Analysis
  • Analysis and Reporting
